When set to on, this password policy attribute allows the root DN to modify passwords, even if the modification violates the password policy. This allows exceptions to the password policy. If the Directory Manager changes a password and the server detects that the new password violates the minimum length or the password history, a warning is logged, but the modification proceeds.

The default value is off, meaning the server rejects even changes to passwords by the Directory Manager if such changes violate the specified password policy.

Syntax

Directory String, single-valued.

Usage

Attribute specific to this Directory Server instance and version of the schema.